v2.1.0

feat(sshclient): add a promise-first SSH client with secure host verification and improve SSH key/config handling
v2.0.3
2026-05-02 09:43:21 +00:00 · 2026-05-02 09:43:21 +00:00 · 2026-05-01 18:44:22 +00:00 · 2026-05-01 18:44:22 +00:00 · 2024-05-29 14:16:27 +02:00 · 2024-04-14 18:22:42 +02:00
20 changed files with 8530 additions and 5140 deletions
@@ -0,0 +1,38 @@
 {
  "@ship.zone/szci": {
    "npmGlobalTools": [],
    "npmRegistryUrl": "registry.npmjs.org"
  },
  "@git.zone/cli": {
    "projectType": "npm",
    "module": {
      "githost": "code.foss.global",
      "gitscope": "push.rocks",
      "gitrepo": "smartssh",
      "shortDescription": "SSH automation utilities",
      "description": "Secure SSH configuration, key management, and remote machine control for TypeScript.",
      "npmPackagename": "@push.rocks/smartssh",
      "license": "MIT",
      "keywords": [
        "SSH",
        "SSH configuration",
        "SSH keys management",
        "automation",
        "development tools",
        "node.js",
        "security",
        "server management"
      ]
    },
    "release": {
      "registries": [
        "https://verdaccio.lossless.digital",
        "https://registry.npmjs.org"
      ],
      "accessLevel": "public"
    }
  },
  "@git.zone/tsdoc": {
    "legal": "\n## License and Legal Information\n\nThis repository contains open-source code licensed under the MIT License. A copy of the license can be found in the [license](./license) file.\n\n**Please note:** The MIT License does not grant permission to use the trade names, trademarks, service marks, or product names of the project, except as required for reasonable and customary use in describing the origin of the work and reproducing the content of the NOTICE file.\n\n### Trademarks\n\nThis project is owned and maintained by Task Venture Capital GmbH. The names and logos associated with Task Venture Capital GmbH and any related products or services are trademarks of Task Venture Capital GmbH or third parties, and are not included within the scope of the MIT license granted herein.\n\nUse of these trademarks must comply with Task Venture Capital GmbH's Trademark Guidelines or the guidelines of the respective third-party owners, and any usage must be approved in writing. Third-party trademarks used herein are the property of their respective owners and used only in a descriptive manner, e.g. for an implementation of an API or similar.\n\n### Company Information\n\nTask Venture Capital GmbH  \nRegistered at District Court Bremen HRB 35230 HB, Germany\n\nFor any legal inquiries or further information, please contact us via email at hello@task.vc.\n\nBy using this repository, you acknowledge that you have read this section, agree to comply with its terms, and understand that the licensing of the code does not imply endorsement by Task Venture Capital GmbH of any derivative works.\n"
  }
 }
@@ -0,0 +1,103 @@
 # Changelog
 ## 2026-05-02 - 2.1.0 - feat(sshclient)
 add a promise-first SSH client with secure host verification and improve SSH key/config handling
 - introduces SshClient and SshSftpClient for command execution, shells, file transfer, and port forwarding using ssh2
 - adds strict host key verification defaults with fingerprint-based trust options and explicit opt-out for test systems
 - implements SSH directory and key loading from disk, host alias validation, and safer file permissions for keys and config
 ## 2026-05-01 - 2.0.3 - fix(ssh)
 modernize filesystem handling and package exports for NodeNext compatibility
 - replace smartfile, smartpromise, and shell-based chmod usage with direct fs operations
 - add package exports and tighten TypeScript settings with noImplicitAny and Node types
 - update tests to the current tstest runner and move them to a node-specific entry file
 - refresh package metadata and dependency versions to match the updated toolchain
 ## 2024-05-29 - 2.0.2 - maintenance
 Release 2.0.2 focused on repository and TypeScript configuration housekeeping.
 - Updated project description
 - Refined TypeScript configuration
 - Updated npm metadata for git host configuration
 - Summarizes trivial maintenance commits across 2024-02-09 to 2024-05-29
 ## 2024-02-09 - 2.0.1 - core
 Delivered a core update in the 2.0.1 release line.
 - Updated core implementation
 ## 2023-07-27 - 2.0.0 - core
 Delivered a core update for the 2.0.0 release.
 - Updated core implementation
 ## 2022-10-11 - 1.2.7 - core
 Introduced a breaking core change by switching the package to ESM.
 - BREAKING: switched core package output to ESM
 ## 2022-10-11 - 1.2.4 to 1.2.6 - core
 This release range contained small core maintenance updates.
 - Repeated core update fixes delivered across versions 1.2.4, 1.2.5, and 1.2.6
 ## 2017-06-15 - 1.2.2 - maintenance
 Refined project structure in the 1.2.2 release.
 - Updated project structure
 ## 2016-11-23 - 1.2.0 to 1.2.1 - maintenance
 This release range focused on standards and documentation improvements.
 - Updated project to latest standards
 - Improved README documentation
 ## 2016-06-26 - 1.1.2 to 1.1.5 - core
 This release range delivered several core configuration and path-handling improvements.
 - Added more flexible path handling
 - Created config generation as a standard behavior
 - Set rights for stored keys
 - Included general maintenance and standards updates
 ## 2016-06-25 - 1.1.0 to 1.1.1 - core
 This release range reworked the internal structure around SSH configuration and key storage.
 - Updated structure of `SshConfig`
 - Updated `SshKey.store()`
 - Performed related structural cleanup
 ## 2016-06-24 - 1.0.6 to 1.0.7 - core
 This release range focused on structural changes in the core implementation.
 - Major structural updates
 - Additional structure refinements
 ## 2016-06-01 - 1.0.2 to 1.0.5 - features
 This release range added testing, packaging, CI, and key-handling improvements.
 - Renamed `Ssh` class to `SshInstance`
 - Added support for base64-encoded keys
 - Added typings to package metadata
 - Expanded and improved test coverage, including an 80% coverage milestone
 - Updated dependency and CI configuration
 - Improved directory synchronization behavior
 ## 2016-04-25 - 1.0.1 - core
 Expanded the initial API and improved class structure after the first stable release.
 - Added `removeKey` and `replaceKey` methods
 - Improved sync triggering
 - Restructured class files
 - Standardized class names to start with capital letters
 - Added supporting logic and typing updates
 ## 2016-04-24 - 1.0.0 - project
 Initial public release of the project.
 - Started the project structure
 - Created `package.json` and enabled CI
 - Added `.gitignore`
 - Added and improved README documentation
@@ -1,6 +1,6 @@
 The MIT License (MIT)
-Copyright (c) 2016 Task Venture Capital GmbH
+Copyright (c) 2026 Task Venture Capital GmbH <hello@task.vc>
 Permission is hereby granted, free of charge, to any person obtaining a copy
 of this software and associated documentation files (the "Software"), to deal
@@ -1,17 +1,38 @@
 {
-  "npmci": {
+  "@ship.zone/szci": {
    "npmGlobalTools": [],
-    "npmAccessLevel": "public"
+    "npmRegistryUrl": "registry.npmjs.org"
  },
-  "gitzone": {
+  "@git.zone/cli": {
    "projectType": "npm",
    "module": {
-      "githost": "gitlab.com",
+      "githost": "code.foss.global",
      "gitscope": "push.rocks",
      "gitrepo": "smartssh",
-      "description": "setups SSH quickly and in a painless manner",
+      "shortDescription": "SSH automation utilities",
      "description": "Secure SSH configuration, key management, and remote machine control for TypeScript.",
      "npmPackagename": "@push.rocks/smartssh",
-      "license": "MIT"
+      "license": "MIT",
      "keywords": [
        "SSH",
        "SSH configuration",
        "SSH keys management",
        "automation",
        "development tools",
        "node.js",
        "security",
        "server management"
      ]
    },
    "release": {
      "registries": [
        "https://verdaccio.lossless.digital",
        "https://registry.npmjs.org"
      ],
      "accessLevel": "public"
    }
  },
  "@git.zone/tsdoc": {
    "legal": "\n## License and Legal Information\n\nThis repository contains open-source code licensed under the MIT License. A copy of the license can be found in the [license](./license) file.\n\n**Please note:** The MIT License does not grant permission to use the trade names, trademarks, service marks, or product names of the project, except as required for reasonable and customary use in describing the origin of the work and reproducing the content of the NOTICE file.\n\n### Trademarks\n\nThis project is owned and maintained by Task Venture Capital GmbH. The names and logos associated with Task Venture Capital GmbH and any related products or services are trademarks of Task Venture Capital GmbH or third parties, and are not included within the scope of the MIT license granted herein.\n\nUse of these trademarks must comply with Task Venture Capital GmbH's Trademark Guidelines or the guidelines of the respective third-party owners, and any usage must be approved in writing. Third-party trademarks used herein are the property of their respective owners and used only in a descriptive manner, e.g. for an implementation of an API or similar.\n\n### Company Information\n\nTask Venture Capital GmbH  \nRegistered at District Court Bremen HRB 35230 HB, Germany\n\nFor any legal inquiries or further information, please contact us via email at hello@task.vc.\n\nBy using this repository, you acknowledge that you have read this section, agree to comply with its terms, and understand that the licensing of the code does not imply endorsement by Task Venture Capital GmbH of any derivative works.\n"
  }
-}
+}
@@ -1,51 +1,55 @@
 {
  "name": "@push.rocks/smartssh",
-  "version": "2.0.2",
+  "version": "2.1.0",
  "private": false,
-  "description": "setups SSH quickly and in a painless manner",
+  "description": "Secure SSH configuration, key management, and remote machine control for TypeScript.",
  "exports": {
    ".": "./dist_ts/index.js"
  },
  "main": "dist_ts/index.js",
  "typings": "dist_ts/index.d.ts",
  "type": "module",
  "scripts": {
-    "test": "(tstest test/)",
+    "test": "tstest test/",
    "testDocker": "tsdocker",
-    "build": "(tsbuild --allowimplicitany)",
+    "build": "tsbuild",
    "buildDocs": "tsdoc"
  },
  "repository": {
    "type": "git",
-    "url": "git+https://gitlab.com/pushrocks/smartssh.git"
+    "url": "https://code.foss.global/push.rocks/smartssh.git"
  },
  "keywords": [
    "SSH",
-    "ENV",
+    "SSH configuration",
-    "base64"
+    "SSH keys management",
    "automation",
    "development tools",
    "node.js",
    "security",
    "server management"
  ],
-  "author": "Lossless GmbH",
+  "author": "Task Venture Capital GmbH <hello@task.vc>",
  "license": "MIT",
  "bugs": {
-    "url": "https://gitlab.com/pushrocks/smartssh/issues"
+    "url": "https://code.foss.global/push.rocks/smartssh/issues"
  },
-  "homepage": "https://gitlab.com/pushrocks/smartssh#readme",
+  "homepage": "https://code.foss.global/push.rocks/smartssh",
  "dependencies": {
-    "@push.rocks/smartcrypto": "^2.0.5",
+    "@push.rocks/smartcrypto": "^2.0.4",
-    "@push.rocks/smartfile": "^11.0.4",
+    "@push.rocks/smartjson": "^6.0.1",
-    "@push.rocks/smartjson": "^5.0.10",
+    "@push.rocks/smartpath": "^6.0.0",
-    "@push.rocks/smartpath": "^5.0.11",
+    "@push.rocks/smartstring": "^4.1.1",
    "@push.rocks/smartpromise": "^4.0.3",
    "@push.rocks/smartshell": "^3.0.3",
    "@push.rocks/smartstring": "^4.0.13",
    "@types/fs-extra": "^11.0.4",
-    "fs-extra": "^11.2.0",
+    "@types/ssh2": "^1.15.5",
-    "minimatch": "^9.0.3",
+    "fs-extra": "^11.3.4",
-    "node-ssh": "^13.1.0"
+    "minimatch": "^10.2.5",
    "ssh2": "^1.17.0"
  },
  "devDependencies": {
-    "@git.zone/tsbuild": "^2.1.72",
+    "@git.zone/tsbuild": "^4.4.0",
-    "@git.zone/tsrun": "^1.2.46",
+    "@git.zone/tstest": "^3.6.3",
-    "@git.zone/tstest": "^1.0.86",
+    "@types/node": "^25.6.0"
    "@push.rocks/tapbundle": "^5.0.15",
    "@types/node": "^20.11.17"
  },
  "files": [
    "ts/**/*",
@@ -56,6 +60,8 @@
    "dist_ts_web/**/*",
    "assets/**/*",
    "cli.js",
    ".smartconfig.json",
    "license",
    "npmextra.json",
    "readme.md"
  ],
@@ -0,0 +1 @@
@@ -1,65 +1,430 @@
 # @push.rocks/smartssh
 setups SSH quickly and in a painless manner
-## Availabililty and Links
+Secure SSH configuration, key management, and remote machine control for modern TypeScript projects. `@push.rocks/smartssh` gives you two things in one focused package: safe local OpenSSH config/key orchestration and a promise-first SSH client for executing commands, opening shells, transferring files, and forwarding ports.
 * [npmjs.org (npm package)](https://www.npmjs.com/package/@push.rocks/smartssh)
 * [gitlab.com (source)](https://gitlab.com/push.rocks/smartssh)
 * [github.com (source mirror)](https://github.com/push.rocks/smartssh)
 * [docs (typedoc)](https://push.rocks.gitlab.io/smartssh/)
-## Status for master
+Built on top of the pure JavaScript `ssh2` engine, it keeps the low-level protocol details out of your application while still exposing the control you need for serious automation.
-Status Category | Status Badge
+## Issue Reporting and Security
 -- | --
 GitLab Pipelines | [![pipeline status](https://gitlab.com/push.rocks/smartssh/badges/master/pipeline.svg)](https://lossless.cloud)
 GitLab Pipline Test Coverage | [![coverage report](https://gitlab.com/push.rocks/smartssh/badges/master/coverage.svg)](https://lossless.cloud)
 npm | [![npm downloads per month](https://badgen.net/npm/dy/@push.rocks/smartssh)](https://lossless.cloud)
 Snyk | [![Known Vulnerabilities](https://badgen.net/snyk/push.rocks/smartssh)](https://lossless.cloud)
 TypeScript Support | [![TypeScript](https://badgen.net/badge/TypeScript/>=%203.x/blue?icon=typescript)](https://lossless.cloud)
 node Support | [![node](https://img.shields.io/badge/node->=%2010.x.x-blue.svg)](https://nodejs.org/dist/latest-v10.x/docs/api/)
 Code Style | [![Code Style](https://badgen.net/badge/style/prettier/purple)](https://lossless.cloud)
 PackagePhobia (total standalone install weight) | [![PackagePhobia](https://badgen.net/packagephobia/install/@push.rocks/smartssh)](https://lossless.cloud)
 PackagePhobia (package size on registry) | [![PackagePhobia](https://badgen.net/packagephobia/publish/@push.rocks/smartssh)](https://lossless.cloud)
 BundlePhobia (total size when bundled) | [![BundlePhobia](https://badgen.net/bundlephobia/minzip/@push.rocks/smartssh)](https://lossless.cloud)
-## Usage
+For reporting bugs, issues, or security vulnerabilities, please visit [community.foss.global/](https://community.foss.global/). This is the central community hub for all issue reporting. Developers who sign and comply with our contribution agreement and go through identification can also get a [code.foss.global/](https://code.foss.global/) account to submit Pull Requests directly.
-```javascript
+## Install
-var smartssh = require('smartssh');
+
-var sshInstance = new smartssh.sshInstance({
+```bash
-  sshDir: '/some/path/.ssh', // the standard ssh directory, optional, defaults to "~./.ssh"
+pnpm add @push.rocks/smartssh
-  sshSync: true, // sync ssh this instance will represent the status of an ssh dir if set to true;
+```
 ## What It Does
 - Manage SSH keys as typed `SshKey` objects.
 - Generate OpenSSH-compatible config files with secure defaults.
 - Read managed key material back from disk.
 - Connect to remote machines with `SshClient`.
 - Execute commands and collect stdout, stderr, exit code, and signal.
 - Stream long-running commands or start interactive shells.
 - Use SFTP for uploads, downloads, file reads, writes, stats, permissions, and directory operations.
 - Forward TCP connections through SSH.
 - Verify host keys by SHA256 or MD5 fingerprints, with explicit opt-out for disposable test systems.
 ## Quick Start
 ```typescript
 import { SshClient, SshKey } from '@push.rocks/smartssh';
 const privateKey = SshKey.fromFile('/home/deploy/.ssh/id_ed25519');
 const sshClient = await SshClient.connect({
  host: 'server.example.com',
  username: 'deploy',
  privateKey,
  trustedHostFingerprints: ['SHA256:replaceWithYourKnownHostFingerprint'],
 });
 const result = await sshClient.exec('uname -a');
 console.log(result.code);
 console.log(result.stdout);
 console.error(result.stderr);
 await sshClient.close();
 ```
 ## Secure Defaults
 `smartssh` is intentionally conservative:
 - SSH config generation writes `StrictHostKeyChecking yes` by default.
 - `SshClient.connect()` requires host validation by default.
 - Private key files are written with `0600` permissions.
 - Public key files are written with `0644` permissions.
 - SSH directories are created with `0700` permissions.
 - Host aliases are validated before they are used as filenames or config entries.
 For local throwaway test servers you can explicitly opt out of host checking:
 ```typescript
 const sshClient = await SshClient.connect({
  host: '127.0.0.1',
  username: 'tester',
  password: 'secret',
  strictHostKeyChecking: false,
 });
 ```
 Do not disable host checking for production infrastructure unless another trust layer is already enforcing host identity.
 ## Key Management
 Create keys in memory:
 ```typescript
 import { SshKey } from '@push.rocks/smartssh';
 const githubKey = new SshKey({
  host: 'github.com',
  private: process.env.GITHUB_PRIVATE_KEY,
  public: process.env.GITHUB_PUBLIC_KEY,
 });
 console.log(githubKey.type); // 'duplex', 'private', 'public', or undefined
 console.log(githubKey.privKeyBase64);
 ```
 Load keys from files:
 ```typescript
 const deployKey = SshKey.fromFile('/home/deploy/.ssh/id_ed25519');
 const combinedKey = SshKey.fromFiles({
  host: 'production-app',
  privateKeyPath: '/home/deploy/.ssh/production-app',
  publicKeyPath: '/home/deploy/.ssh/production-app.pub',
 });
 ```
 Store keys safely:
 ```typescript
 await combinedKey.store('/home/deploy/.ssh');
 ```
 ## OpenSSH Config Management
 Use `SshInstance` when you want to manage a whole SSH directory and config file.
 ```typescript
 import { SshInstance, SshKey } from '@push.rocks/smartssh';
 const sshInstance = new SshInstance({
  sshDirPath: '/home/deploy/.ssh',
  strictHostKeyChecking: true,
 });
 sshInstance.addKey(
-  new smartssh.sshKey({
+  new SshKey({
-    private: 'somestring',
+    host: 'git.example.com',
-    public: 'somestring', // optional
+    private: process.env.GIT_PRIVATE_KEY,
-    host: 'github.com',
+    public: process.env.GIT_PUBLIC_KEY,
    encoding: 'base64', // optional, defaults to "utf8", can be "utf8" or "base64", useful for reading ssh keys from environment variables
  })
 );
-sshInstance.removeKey(sshInstance.getKey('github.com')); // removes key for host "github.com" is present
+sshInstance.writeToDisk();
 sshInstance.createKey({
  host: 'gitlab.com', // returns new key in the form sshKey, read more about the sshKey class below
 });
 sshInstance.getKey({
  // returns ssh key in the form sshKey, read more about the sshKey class below
  host: 'github.com',
 });
 sshInstance.getKeys(); // returns array of all available getKeys. Each key is in form of class sshKey
 ```
-## Contribution
+Generated config example:
-We are always happy for code contributions. If you are not the code contributing type that is ok. Still, maintaining Open Source repositories takes considerable time and thought. If you like the quality of what we do and our modules are useful to you we would appreciate a little monthly contribution: You can [contribute one time](https://lossless.link/contribute-onetime) or [contribute monthly](https://lossless.link/contribute). :)
+```sshconfig
 Host git.example.com
  HostName git.example.com
  IdentityFile /home/deploy/.ssh/git.example.com
  StrictHostKeyChecking yes
 ```
-For further information read the linked docs at the top of this readme.
+Read keys back from disk:
-## Legal
+```typescript
-> MIT licensed | **&copy;** [Task Venture Capital GmbH](https://task.vc)
+const existingSsh = new SshInstance({
-| By using this npm module you agree to our [privacy policy](https://lossless.gmbH/privacy)
+  sshDirPath: '/home/deploy/.ssh',
 });
 existingSsh.readFromDisk();
 const key = existingSsh.getKey('git.example.com');
 console.log(key?.pubKey);
 ```
 ## Remote Command Execution
 `exec()` waits for the remote command to finish and returns a structured result.
 ```typescript
 const result = await sshClient.exec('systemctl is-active nginx', {
  timeout: 10_000,
 });
 if (result.code !== 0) {
  throw new Error(result.stderr);
 }
 console.log(result.stdout.trim());
 ```
 Send input to a command:
 ```typescript
 const result = await sshClient.exec('cat > /tmp/message.txt', {
  input: 'hello from smartssh\n',
 });
 ```
 Abort or time-limit a command:
 ```typescript
 const abortController = new AbortController();
 setTimeout(() => abortController.abort(), 5_000);
 await sshClient.exec('sleep 60', {
  signal: abortController.signal,
 });
 ```
 ## Streaming Commands and Shells
 Use `stream()` for long-running commands where you want to handle output as it arrives.
 ```typescript
 const stream = await sshClient.stream('tail -f /var/log/syslog');
 stream.on('data', (chunk) => {
  process.stdout.write(chunk);
 });
 stream.stderr.on('data', (chunk) => {
  process.stderr.write(chunk);
 });
 ```
 Start an interactive shell:
 ```typescript
 const shell = await sshClient.shell({
  window: {
    rows: 40,
    cols: 120,
    term: 'xterm-256color',
  },
 });
 shell.write('whoami\n');
 shell.write('exit\n');
 ```
 ## SFTP
 Create an SFTP client from an active SSH connection:
 ```typescript
 const sftp = await sshClient.sftp();
 ```
 Upload and download files:
 ```typescript
 await sftp.upload({
  localPath: './dist/app.tar.gz',
  remotePath: '/tmp/app.tar.gz',
 });
 await sftp.download({
  remotePath: '/var/log/app.log',
  localPath: './app.log',
 });
 ```
 Read and write remote files:
 ```typescript
 const osRelease = await sftp.readFile('/etc/os-release', 'utf8');
 await sftp.writeFile('/tmp/deploy.json', JSON.stringify({
  version: '1.2.3',
 }));
 ```
 Inspect and manage remote paths:
 ```typescript
 const files = await sftp.readdir('/var/www');
 const stats = await sftp.stat('/var/www/app');
 await sftp.mkdir('/tmp/smartssh');
 await sftp.chmod('/tmp/smartssh', 0o755);
 await sftp.rename('/tmp/old-name', '/tmp/new-name');
 await sftp.remove('/tmp/new-name');
 ```
 ## Port Forwarding
 Open a direct TCP channel through the SSH server:
 ```typescript
 const channel = await sshClient.forwardOut({
  destinationHost: '127.0.0.1',
  destinationPort: 5432,
 });
 channel.write('raw tcp payload');
 ```
 Ask the remote SSH server to listen and forward incoming TCP connections:
 ```typescript
 const forward = await sshClient.forwardIn({
  remoteHost: '127.0.0.1',
  remotePort: 0,
 });
 console.log(`Remote port: ${forward.remotePort}`);
 await forward.close();
 ```
 ## API Overview
 ### `SshClient`
 - `SshClient.connect(profile)` creates and connects a client in one step.
 - `connect()` opens the SSH connection for an existing instance.
 - `exec(command, options)` runs a command and returns `ISshExecResult`.
 - `stream(command, options)` opens a command channel for streaming output.
 - `shell(options)` starts an interactive shell channel.
 - `sftp()` returns a typed `SshSftpClient`.
 - `forwardOut(options)` opens a direct TCP channel through SSH.
 - `forwardIn(options)` creates a remote listener and returns a closeable handle.
 - `close()` ends the connection.
 - `fingerprintSha256(key)` and `fingerprintMd5(key)` generate comparable host key fingerprints.
 ### `SshSftpClient`
 - `upload({ localPath, remotePath })`
 - `download({ remotePath, localPath })`
 - `readFile(remotePath, encoding?)`
 - `writeFile(remotePath, data)`
 - `readdir(remotePath)`
 - `stat(remotePath)` and `lstat(remotePath)`
 - `mkdir(remotePath, attributes?)`
 - `chmod(remotePath, mode)`
 - `rename(sourcePath, destinationPath)`
 - `remove(remotePath)` and `rmdir(remotePath)`
 ### `SshKey`
 - Construct with `{ host, private, public, authorized }`.
 - Read and write private/public key strings.
 - Encode and decode key material with `privKeyBase64` and `pubKeyBase64`.
 - Load keys from disk with `fromFile()` or `fromFiles()`.
 - Store keys to disk with safe permissions via `store()`.
 - Inspect `type` as `duplex`, `private`, `public`, or `undefined`.
 ### `SshInstance`
 - `addKey(key)`, `removeKey(key)`, and `replaceKey(oldKey, newKey)` manage key collections.
 - `getKey(host)` retrieves a managed key by host alias.
 - `sshKeys` exposes the current key array.
 - `writeToDisk(dirPath?)` writes keys and config.
 - `readFromDisk(dirPath?)` reads key files from an SSH directory.
 - `sshSync: true` keeps disk state in sync on key changes.
 ### `SshConfig`
 - `store(dirPath)` writes an OpenSSH config file.
 - `read(dirPath)` reads the config file.
 - `parse(dirPath)` parses host blocks from a config file.
 - `SshConfig.parse(configString)` parses host blocks from a string.
 ## Types You Will Usually Import
 ```typescript
 import type {
  ISshProfile,
  ISshExecOptions,
  ISshExecResult,
  ISshUploadOptions,
  ISshDownloadOptions,
  ISshForwardInHandle,
  ISshForwardInOptions,
  ISshForwardOutOptions,
  ISshShellOptions,
  TSshHostVerifier,
 } from '@push.rocks/smartssh';
 ```
 ## Real-World Flow
 ```typescript
 import { SshClient, SshKey } from '@push.rocks/smartssh';
 const key = SshKey.fromFile('/home/deploy/.ssh/production');
 const server = await SshClient.connect({
  host: 'app-01.example.com',
  username: 'deploy',
  privateKey: key,
  trustedHostFingerprints: ['SHA256:replaceWithTheRealFingerprint'],
  keepaliveInterval: 30_000,
 });
 try {
  const sftp = await server.sftp();
  await sftp.upload({
    localPath: './release.tar.gz',
    remotePath: '/tmp/release.tar.gz',
  });
  const deploy = await server.exec([
    'set -e',
    'mkdir -p /srv/app',
    'tar -xzf /tmp/release.tar.gz -C /srv/app',
    'systemctl restart app',
  ].join(' && '), {
    timeout: 120_000,
  });
  if (deploy.code !== 0) {
    throw new Error(deploy.stderr);
  }
 } finally {
  await server.close();
 }
 ```
 ## Notes
 - The package is ESM-first and intended for TypeScript projects.
 - `ssh2` is used directly as the SSH protocol engine.
 - Config generation is intentionally simple and focused on managed host/key entries.
 - `readFromDisk()` reads key files from the SSH directory; it does not attempt to preserve or rewrite arbitrary user-managed config comments.
 - Host aliases are intentionally restricted to filename-safe values to avoid path traversal and config injection.
 ## License and Legal Information
 This repository contains open-source code licensed under the MIT License. A copy of the license can be found in the [license](./license) file.
 **Please note:** The MIT License does not grant permission to use the trade names, trademarks, service marks, or product names of the project, except as required for reasonable and customary use in describing the origin of the work and reproducing the content of the NOTICE file.
 ### Trademarks
 This project is owned and maintained by Task Venture Capital GmbH. The names and logos associated with Task Venture Capital GmbH and any related products or services are trademarks of Task Venture Capital GmbH or third parties, and are not included within the scope of the MIT license granted herein.
 Use of these trademarks must comply with Task Venture Capital GmbH's Trademark Guidelines or the guidelines of the respective third-party owners, and any usage must be approved in writing. Third-party trademarks used herein are the property of their respective owners and used only in a descriptive manner, e.g. for an implementation of an API or similar.
 ### Company Information
 Task Venture Capital GmbH  
 Registered at District Court Bremen HRB 35230 HB, Germany
 For any legal inquiries or further information, please contact us via email at hello@task.vc.
 By using this repository, you acknowledge that you have read this section, agree to comply with its terms, and understand that the licensing of the code does not imply endorsement by Task Venture Capital GmbH of any derivative works.
@@ -0,0 +1,214 @@
 import { expect, tap } from '@git.zone/tstest/tapbundle';
 import * as smartssh from '../ts/index.js';
 import fs from 'fs-extra';
 import type { AddressInfo } from 'net';
 import * as path from 'path';
 import ssh2 from 'ssh2';
 import type { Server as TSsh2Server } from 'ssh2';
 const { Server, utils } = ssh2;
 const testDir = path.join(process.cwd(), '.nogit/test/temp');
 const configPath = path.join(testDir, 'config');
 let testSshInstance: smartssh.SshInstance;
 let testSshKey: smartssh.SshKey;
 let testSshServer: TSsh2Server;
 let testSshServerPort: number;
 const createTestSshServer = async () => {
  const hostKeys = [utils.generateKeyPairSync('ed25519').private];
  const server = new Server({ hostKeys }, (client) => {
    client.on('authentication', (ctx) => {
      if (ctx.method === 'password' && ctx.username === 'tester' && ctx.password === 'secret') {
        ctx.accept();
        return;
      }
      ctx.reject();
    });
    client.on('ready', () => {
      client.on('session', (accept) => {
        const session = accept();
        session.on('exec', (acceptExec, _rejectExec, info) => {
          const stream = acceptExec();
          if (info.command === 'printf smartssh') {
            stream.write('smartssh\n');
            stream.stderr.write('warn\n');
            stream.exit(0);
            stream.end();
            return;
          }
          stream.stderr.write(`unknown command: ${info.command}\n`);
          stream.exit(127);
          stream.end();
        });
      });
    });
  });
  await new Promise<void>((resolve) => server.listen(0, '127.0.0.1', () => resolve()));
  const address = server.address() as AddressInfo;
  return {
    server,
    port: address.port,
  };
 };
 tap.test('should prepare a clean test directory', async () => {
  await fs.emptyDir(testDir);
 });
 tap.test('should create a valid SshKey object', async () => {
  testSshKey = new smartssh.SshKey({
    host: 'example.com',
    private: 'someExamplePrivateKey',
    public: 'someExamplePublicKey',
  });
  expect(testSshKey).toBeInstanceOf(smartssh.SshKey);
 });
 tap.test('.type should be a valid type', async () => {
  expect(testSshKey.type).toEqual('duplex');
 });
 tap.test('.publicKey should be public key', async () => {
  expect(testSshKey.pubKey).toEqual('someExamplePublicKey');
 });
 tap.test('.privateKey should be private key', async () => {
  expect(testSshKey.privKey).toEqual('someExamplePrivateKey');
 });
 tap.test('.publicKeyBase64 should be public key base 64 encoded', async () => {
  // tslint:disable-next-line:no-unused-expression
  testSshKey.pubKeyBase64;
 });
 tap.test('.store() should store the file to disk', async () => {
  await testSshKey.store(testDir);
  const privateKeyMode = (await fs.stat(path.join(testDir, 'example.com'))).mode & 0o777;
  const publicKeyMode = (await fs.stat(path.join(testDir, 'example.com.pub'))).mode & 0o777;
  expect(privateKeyMode).toEqual(0o600);
  expect(publicKeyMode).toEqual(0o644);
 });
 tap.test('.store() should reject unsafe host aliases', async () => {
  expect(() => {
    new smartssh.SshKey({
      host: '../evil',
      private: 'somePrivateKey',
    });
  }).toThrow();
 });
 // SSH INstance
 tap.test("'new' keyword should create a new SshInstance object from class", async () => {
  testSshInstance = new smartssh.SshInstance({
    sshDirPath: testDir,
  });
  expect(testSshInstance).toBeInstanceOf(smartssh.SshInstance);
 });
 tap.test('.addKey() should accept a new SshKey object', async () => {
  testSshInstance.addKey(
    new smartssh.SshKey({
      public: 'somePublicKey',
      private: 'somePrivateKey',
      host: 'gitlab.com',
    })
  );
  testSshInstance.addKey(
    new smartssh.SshKey({
      public: 'somePublicKey',
      private: 'somePrivateKey',
      host: 'bitbucket.org',
    })
  );
  testSshInstance.addKey(
    new smartssh.SshKey({
      public: 'someGitHubPublicKey',
      private: 'someGitHubPrivateKey',
      host: 'github.com',
    })
  );
 });
 tap.test('.sshKeys should point to an array of sshKeys', async () => {
  let sshKeyArray = testSshInstance.sshKeys;
  expect(sshKeyArray).toBeInstanceOf(Array);
  expect(sshKeyArray[0].host).toEqual('gitlab.com');
  expect(sshKeyArray[1].host).toEqual('bitbucket.org');
  expect(sshKeyArray[2].host).toEqual('github.com');
 });
 tap.test('.getKey() should get a specific key selected by host', async () => {
  const sshKey = testSshInstance.getKey('github.com');
  expect(sshKey).toBeInstanceOf(smartssh.SshKey);
  expect(sshKey?.pubKey).toEqual('someGitHubPublicKey');
 });
 tap.test('.removeKey() should remove a key', async () => {
  const sshKey = testSshInstance.getKey('bitbucket.org');
  expect(sshKey).toBeInstanceOf(smartssh.SshKey);
  testSshInstance.removeKey(sshKey!);
  expect(testSshInstance.sshKeys[1].host).toEqual('github.com');
 });
 tap.test('it should store to disk', async () => {
  testSshInstance.writeToDisk();
  const config = await fs.readFile(configPath, 'utf8');
  expect(config).toInclude(`IdentityFile ${path.join(testDir, 'github.com')}`);
  expect(config).toInclude('StrictHostKeyChecking yes');
  expect(config).not.toInclude('StrictHostKeyChecking no');
 });
 tap.test('it should read keys back from disk', async () => {
  const readBackInstance = new smartssh.SshInstance({ sshDirPath: testDir });
  readBackInstance.readFromDisk();
  const githubKey = readBackInstance.getKey('github.com');
  expect(githubKey).toBeInstanceOf(smartssh.SshKey);
  expect(githubKey?.privKey).toEqual('someGitHubPrivateKey');
  expect(githubKey?.pubKey).toEqual('someGitHubPublicKey');
 });
 tap.test('SshClient should require host validation by default', async () => {
  let strictHostError: Error | undefined;
  try {
    await smartssh.SshClient.connect({
      host: '127.0.0.1',
      username: 'tester',
    });
  } catch (error) {
    strictHostError = error as Error;
  }
  expect(strictHostError?.message).toInclude('strictHostKeyChecking');
 });
 tap.test('SshClient should execute a command over a real SSH server', async () => {
  const testServer = await createTestSshServer();
  testSshServer = testServer.server;
  testSshServerPort = testServer.port;
  const sshClient = await smartssh.SshClient.connect({
    host: '127.0.0.1',
    port: testSshServerPort,
    username: 'tester',
    password: 'secret',
    strictHostKeyChecking: false,
  });
  const result = await sshClient.exec('printf smartssh');
  await sshClient.close();
  expect(result.code).toEqual(0);
  expect(result.stdout).toEqual('smartssh\n');
  expect(result.stderr).toEqual('warn\n');
 });
 tap.test('should close the real SSH test server', async () => {
  await new Promise<void>((resolve, reject) => {
    testSshServer.close((error?: Error) => {
      if (error) {
        reject(error);
        return;
      }
      resolve();
    });
  });
 });
 export default tap.start();
@@ -1,84 +0,0 @@
 import { expect, tap } from '@push.rocks/tapbundle';
 import * as smartssh from '../ts/index.js';
 import * as path from 'path';
 let testSshInstance: smartssh.SshInstance;
 let testSshKey: smartssh.SshKey;
 tap.test('should create a valid SshKey object', async () => {
  testSshKey = new smartssh.SshKey({
    host: 'example.com',
    private: 'someExamplePrivateKey',
    public: 'someExamplePublicKey',
  });
  expect(testSshKey).toBeInstanceOf(smartssh.SshKey);
 });
 tap.test('.type should be a valid type', async () => {
  expect(testSshKey.type).toEqual('duplex');
 });
 tap.test('.publicKey should be public key', async () => {
  expect(testSshKey.pubKey).toEqual('someExamplePublicKey');
 });
 tap.test('.privateKey should be private key', async () => {
  expect(testSshKey.privKey).toEqual('someExamplePrivateKey');
 });
 tap.test('.publicKeyBase64 should be public key base 64 encoded', async () => {
  // tslint:disable-next-line:no-unused-expression
  testSshKey.pubKeyBase64;
 });
 tap.test('.store() should store the file to disk', async () => {
  testSshKey.store(path.join(process.cwd(), 'test/temp'));
 });
 // SSH INstance
 tap.test("'new' keyword should create a new SshInstance object from class", async () => {
  testSshInstance = new smartssh.SshInstance({
    sshDirPath: path.join(process.cwd(), 'test/temp/'),
  });
  expect(testSshInstance).toBeInstanceOf(smartssh.SshInstance);
 });
 tap.test('.addKey() should accept a new SshKey object', async () => {
  testSshInstance.addKey(
    new smartssh.SshKey({
      public: 'somePublicKey',
      private: 'somePrivateKey',
      host: 'gitlab.com',
    })
  );
  testSshInstance.addKey(
    new smartssh.SshKey({
      public: 'somePublicKey',
      private: 'somePrivateKey',
      host: 'bitbucket.org',
    })
  );
  testSshInstance.addKey(
    new smartssh.SshKey({
      public: 'someGitHubPublicKey',
      private: 'someGitHubPrivateKey',
      host: 'github.com',
    })
  );
 });
 tap.test('.sshKeys should point to an array of sshKeys', async () => {
  let sshKeyArray = testSshInstance.sshKeys;
  expect(sshKeyArray).toBeInstanceOf(Array);
  expect(sshKeyArray[0].host).toEqual('gitlab.com');
  expect(sshKeyArray[1].host).toEqual('bitbucket.org');
  expect(sshKeyArray[2].host).toEqual('github.com');
 });
 tap.test('.getKey() should get a specific key selected by host', async () => {
  expect(testSshInstance.getKey('github.com').pubKey).toEqual('someGitHubPublicKey');
 });
 tap.test('.removeKey() should remove a key', async () => {
  testSshInstance.removeKey(testSshInstance.getKey('bitbucket.org'));
  expect(testSshInstance.sshKeys[1].host).toEqual('github.com');
 });
 tap.test('it should store to disk', async () => {
  testSshInstance.writeToDisk();
 });
 tap.start();
@@ -1,8 +1,8 @@
 /**
- * autocreated commitinfo by @pushrocks/commitinfo
+ * autocreated commitinfo by @push.rocks/commitinfo
 */
 export const commitinfo = {
  name: '@push.rocks/smartssh',
-  version: '2.0.2',
+  version: '2.1.0',
-  description: 'setups SSH quickly and in a painless manner'
+  description: 'Secure SSH configuration, key management, and remote machine control for TypeScript.'
 }
@@ -4,3 +4,21 @@ export { SshInstance } from './smartssh.classes.sshinstance.js';
 export { SshKey } from './smartssh.classes.sshkey.js';
 export { SshDir } from './smartssh.classes.sshdir.js';
 export { SshConfig } from './smartssh.classes.sshconfig.js';
 export { SshClient, SshSftpClient } from './smartssh.classes.sshclient.js';
 export type {
  ISshDownloadOptions,
  ISshExecOptions,
  ISshExecResult,
  ISshForwardInHandle,
  ISshForwardInOptions,
  ISshForwardOutOptions,
  ISshProfile,
  ISshShellOptions,
  ISshUploadOptions,
  TSshHostVerifier,
 } from './smartssh.classes.sshclient.js';
 export type {
  ISshConfigHostBlock,
  ISshConfigOptions,
  TSshStrictHostKeyChecking,
 } from './smartssh.classes.sshconfig.js';
@@ -1,7 +1,107 @@
 import * as plugins from './smartssh.plugins.js';
 import { SshKey } from './smartssh.classes.sshkey.js';
-export let sshKeyArrayFromDir = function (dirArg: string): SshKey[] {
+const unsafeHostMessage =
-  let sshKeyArray = []; // TODO
+  'SSH host aliases must be single, filename-safe values without whitespace or path separators.';
-  return sshKeyArray;
+
 export const assertSafeHost = (hostArg: string) => {
  if (!hostArg || hostArg === '.' || hostArg === '..') {
    throw new Error(unsafeHostMessage);
  }
  if (!/^[A-Za-z0-9._@:%+-]+$/.test(hostArg)) {
    throw new Error(unsafeHostMessage);
  }
 };
 export const isSafeHost = (hostArg: string) => {
  try {
    assertSafeHost(hostArg);
    return true;
  } catch {
    return false;
  }
 };
 export const resolveSshDirPath = (dirPathArg?: string) => {
  return plugins.path.resolve(
    dirPathArg ?? plugins.path.join(plugins.smartpath.get.home(), '.ssh')
  );
 };
 export const ensureSshDirSync = (dirPathArg: string) => {
  plugins.fs.ensureDirSync(dirPathArg);
  plugins.fs.chmodSync(dirPathArg, 0o700);
 };
 export const quoteSshConfigValue = (valueArg: string) => {
  if (/^[A-Za-z0-9._~/:@%+-]+$/.test(valueArg)) {
    return valueArg;
  }
  return `"${valueArg.replace(/\\/g, '\\\\').replace(/"/g, '\\"')}"`;
 };
 export const fingerprintSha256 = (keyArg: Buffer | string) => {
  const hash = plugins.crypto
    .createHash('sha256')
    .update(keyArg)
    .digest('base64')
    .replace(/=+$/, '');
  return `SHA256:${hash}`;
 };
 export const fingerprintMd5 = (keyArg: Buffer | string) => {
  const hash = plugins.crypto.createHash('md5').update(keyArg).digest('hex');
  return hash.match(/.{2}/g)?.join(':') ?? hash;
 };
 export const sshKeyArrayFromDir = (dirArg: string): SshKey[] => {
  const resolvedDir = resolveSshDirPath(dirArg);
  if (!plugins.fs.pathExistsSync(resolvedDir)) {
    return [];
  }
  const entries = plugins.fs.readdirSync(resolvedDir, { withFileTypes: true });
  const keyMap = new Map<string, { private?: string; public?: string }>();
  for (const entry of entries) {
    if (!entry.isFile()) {
      continue;
    }
    const fileName = entry.name;
    if (
      fileName === 'config' ||
      fileName === 'authorized_keys' ||
      fileName === 'known_hosts' ||
      fileName.startsWith('.')
    ) {
      continue;
    }
    const isPublicKey = fileName.endsWith('.pub');
    const host = isPublicKey ? fileName.slice(0, -4) : fileName;
    if (!isSafeHost(host)) {
      continue;
    }
    const keyRecord = keyMap.get(host) ?? {};
    const filePath = plugins.path.join(resolvedDir, fileName);
    const keyContent = plugins.fs.readFileSync(filePath, 'utf8');
    if (isPublicKey) {
      keyRecord.public = keyContent;
    } else {
      keyRecord.private = keyContent;
    }
    keyMap.set(host, keyRecord);
  }
  return Array.from(keyMap.entries()).map(([host, keyRecord]) => {
    return new SshKey({
      host,
      private: keyRecord.private,
      public: keyRecord.public,
    });
  });
 };
@@ -0,0 +1,534 @@
 import * as plugins from './smartssh.plugins.js';
 import * as helpers from './smartssh.classes.helpers.js';
 import { SshKey } from './smartssh.classes.sshkey.js';
 import type * as ssh2 from 'ssh2';
 export type TSshHostVerifier = (fingerprintArg: string, keyArg: Buffer) => boolean | Promise<boolean>;
 export interface ISshProfile {
  host: string;
  port?: number;
  username?: string;
  password?: string;
  privateKey?: string | Buffer | SshKey;
  passphrase?: string | Buffer;
  agent?: ssh2.ConnectConfig['agent'];
  agentForward?: boolean;
  tryKeyboard?: boolean;
  readyTimeout?: number;
  keepaliveInterval?: number;
  keepaliveCountMax?: number;
  strictVendor?: boolean;
  strictHostKeyChecking?: boolean;
  trustedHostFingerprints?: string[];
  hostVerifier?: TSshHostVerifier;
  algorithms?: ssh2.Algorithms;
  authHandler?: ssh2.ConnectConfig['authHandler'];
  sock?: ssh2.ConnectConfig['sock'];
  forceIPv4?: boolean;
  forceIPv6?: boolean;
  localAddress?: string;
  localPort?: number;
  timeout?: number;
  ident?: Buffer | string;
  debug?: ssh2.DebugFunction;
 }
 export interface ISshExecOptions extends ssh2.ExecOptions {
  input?: string | Buffer;
  encoding?: BufferEncoding;
  timeout?: number;
  signal?: AbortSignal;
 }
 export interface ISshExecResult {
  command: string;
  code: number | null;
  signal: string | null;
  stdout: string;
  stderr: string;
  stdoutBuffer: Buffer;
  stderrBuffer: Buffer;
 }
 export interface ISshShellOptions {
  window?: ssh2.PseudoTtyOptions | false;
  options?: ssh2.ShellOptions;
 }
 export interface ISshForwardOutOptions {
  sourceHost?: string;
  sourcePort?: number;
  destinationHost: string;
  destinationPort: number;
 }
 export interface ISshForwardInOptions {
  remoteHost?: string;
  remotePort: number;
 }
 export interface ISshForwardInHandle {
  remoteHost: string;
  remotePort: number;
  close: () => Promise<void>;
 }
 export interface ISshUploadOptions {
  localPath: string;
  remotePath: string;
  transferOptions?: ssh2.TransferOptions;
 }
 export interface ISshDownloadOptions {
  remotePath: string;
  localPath: string;
  transferOptions?: ssh2.TransferOptions;
 }
 export class SshSftpClient {
  constructor(private sftp: ssh2.SFTPWrapper) {}
  async upload(optionsArg: ISshUploadOptions) {
    await this.runVoid((done) => {
      if (optionsArg.transferOptions) {
        this.sftp.fastPut(optionsArg.localPath, optionsArg.remotePath, optionsArg.transferOptions, done);
      } else {
        this.sftp.fastPut(optionsArg.localPath, optionsArg.remotePath, done);
      }
    });
  }
  async download(optionsArg: ISshDownloadOptions) {
    await this.runVoid((done) => {
      if (optionsArg.transferOptions) {
        this.sftp.fastGet(optionsArg.remotePath, optionsArg.localPath, optionsArg.transferOptions, done);
      } else {
        this.sftp.fastGet(optionsArg.remotePath, optionsArg.localPath, done);
      }
    });
  }
  async readFile(remotePathArg: string): Promise<Buffer>;
  async readFile(remotePathArg: string, encodingArg: BufferEncoding): Promise<string>;
  async readFile(remotePathArg: string, encodingArg?: BufferEncoding) {
    const fileBuffer = await this.run<Buffer>((done) => {
      this.sftp.readFile(remotePathArg, (error, fileContent) => done(error, fileContent));
    });
    return encodingArg ? fileBuffer.toString(encodingArg) : fileBuffer;
  }
  async writeFile(remotePathArg: string, dataArg: string | Buffer) {
    await this.runVoid((done) => this.sftp.writeFile(remotePathArg, dataArg, done));
  }
  async readdir(remotePathArg: string) {
    return this.run<ssh2.FileEntryWithStats[]>((done) => {
      this.sftp.readdir(remotePathArg, (error, list) => done(error, list));
    });
  }
  async stat(remotePathArg: string) {
    return this.run<ssh2.Stats>((done) => {
      this.sftp.stat(remotePathArg, (error, stats) => done(error, stats));
    });
  }
  async lstat(remotePathArg: string) {
    return this.run<ssh2.Stats>((done) => {
      this.sftp.lstat(remotePathArg, (error, stats) => done(error, stats));
    });
  }
  async mkdir(remotePathArg: string, attributesArg?: ssh2.InputAttributes) {
    await this.runVoid((done) => {
      if (attributesArg) {
        this.sftp.mkdir(remotePathArg, attributesArg, done);
      } else {
        this.sftp.mkdir(remotePathArg, done);
      }
    });
  }
  async chmod(remotePathArg: string, modeArg: number | string) {
    await this.runVoid((done) => this.sftp.chmod(remotePathArg, modeArg, done));
  }
  async remove(remotePathArg: string) {
    await this.runVoid((done) => this.sftp.unlink(remotePathArg, done));
  }
  async rmdir(remotePathArg: string) {
    await this.runVoid((done) => this.sftp.rmdir(remotePathArg, done));
  }
  async rename(sourcePathArg: string, destinationPathArg: string) {
    await this.runVoid((done) => this.sftp.rename(sourcePathArg, destinationPathArg, done));
  }
  private async run<T>(runnerArg: (doneArg: (errorArg?: Error | null, valueArg?: T) => void) => void) {
    return new Promise<T>((resolve, reject) => {
      runnerArg((error, value) => {
        if (error) {
          reject(error);
          return;
        }
        resolve(value as T);
      });
    });
  }
  private async runVoid(runnerArg: (doneArg: (errorArg?: Error | null) => void) => void) {
    await this.run<void>((done) => runnerArg(done));
  }
 }
 export class SshClient {
  private connection?: ssh2.Client;
  private connected = false;
  private lastError?: Error;
  constructor(private profile: ISshProfile) {}
  static async connect(profileArg: ISshProfile) {
    const sshClient = new SshClient(profileArg);
    await sshClient.connect();
    return sshClient;
  }
  static fingerprintSha256(keyArg: Buffer | string) {
    return helpers.fingerprintSha256(keyArg);
  }
  static fingerprintMd5(keyArg: Buffer | string) {
    return helpers.fingerprintMd5(keyArg);
  }
  async connect() {
    if (this.connected) {
      return;
    }
    const connectConfig = this.createConnectConfig();
    const connection = new plugins.ssh2.Client();
    this.connection = connection;
    await new Promise<void>((resolve, reject) => {
      let settled = false;
      const settle = (errorArg?: Error) => {
        if (settled) {
          if (errorArg) {
            this.lastError = errorArg;
          }
          return;
        }
        settled = true;
        connection.removeListener('ready', handleReady);
        connection.removeListener('close', handleClose);
        if (errorArg) {
          reject(errorArg);
        } else {
          resolve();
        }
      };
      const handleReady = () => {
        this.connected = true;
        settle();
      };
      const handleClose = () => {
        this.connected = false;
        settle(new Error('SSH connection closed before it became ready.'));
      };
      const handleError = (errorArg: Error) => {
        this.lastError = errorArg;
        settle(errorArg);
      };
      connection.on('error', handleError);
      connection.once('ready', handleReady);
      connection.once('close', handleClose);
      connection.connect(connectConfig);
    });
  }
  async exec(commandArg: string, optionsArg: ISshExecOptions = {}): Promise<ISshExecResult> {
    const connection = this.ensureConnected();
    const { input, encoding = 'utf8', timeout, signal, ...execOptions } = optionsArg;
    return new Promise<ISshExecResult>((resolve, reject) => {
      let settled = false;
      let timeoutHandle: NodeJS.Timeout | undefined;
      let channel: ssh2.ClientChannel | undefined;
      let code: number | null = null;
      let exitSignal: string | null = null;
      const stdoutChunks: Buffer[] = [];
      const stderrChunks: Buffer[] = [];
      const settle = (errorArg?: Error) => {
        if (settled) {
          return;
        }
        settled = true;
        if (timeoutHandle) {
          clearTimeout(timeoutHandle);
        }
        signal?.removeEventListener('abort', handleAbort);
        if (errorArg) {
          reject(errorArg);
          return;
        }
        const stdoutBuffer = Buffer.concat(stdoutChunks);
        const stderrBuffer = Buffer.concat(stderrChunks);
        resolve({
          command: commandArg,
          code,
          signal: exitSignal,
          stdout: stdoutBuffer.toString(encoding),
          stderr: stderrBuffer.toString(encoding),
          stdoutBuffer,
          stderrBuffer,
        });
      };
      const handleAbort = () => {
        channel?.close();
        settle(new Error(`SSH exec aborted: ${commandArg}`));
      };
      if (signal?.aborted) {
        handleAbort();
        return;
      }
      if (timeout) {
        timeoutHandle = setTimeout(() => {
          channel?.close();
          settle(new Error(`SSH exec timed out after ${timeout}ms: ${commandArg}`));
        }, timeout);
      }
      signal?.addEventListener('abort', handleAbort);
      connection.exec(commandArg, execOptions, (error, stream) => {
        if (error) {
          settle(error);
          return;
        }
        channel = stream;
        stream.on('data', (chunk: Buffer | string) => stdoutChunks.push(Buffer.from(chunk)));
        stream.stderr.on('data', (chunk: Buffer | string) => stderrChunks.push(Buffer.from(chunk)));
        stream.on('exit', (exitCode: number | null, signalName?: string) => {
          code = exitCode;
          exitSignal = signalName ?? null;
        });
        stream.on('error', (streamError: Error) => settle(streamError));
        stream.on('close', () => settle());
        stream.end(input);
      });
    });
  }
  async stream(commandArg: string, optionsArg: ssh2.ExecOptions = {}) {
    const connection = this.ensureConnected();
    return new Promise<ssh2.ClientChannel>((resolve, reject) => {
      connection.exec(commandArg, optionsArg, (error, channel) => {
        if (error) {
          reject(error);
          return;
        }
        resolve(channel);
      });
    });
  }
  async shell(optionsArg: ISshShellOptions = {}) {
    const connection = this.ensureConnected();
    return new Promise<ssh2.ClientChannel>((resolve, reject) => {
      const done = (error: Error | undefined, channel: ssh2.ClientChannel) => {
        if (error) {
          reject(error);
          return;
        }
        resolve(channel);
      };
      if (optionsArg.window !== undefined) {
        connection.shell(optionsArg.window, optionsArg.options ?? {}, done);
      } else {
        connection.shell(optionsArg.options ?? {}, done);
      }
    });
  }
  async sftp() {
    const connection = this.ensureConnected();
    return new Promise<SshSftpClient>((resolve, reject) => {
      connection.sftp((error, sftp) => {
        if (error) {
          reject(error);
          return;
        }
        resolve(new SshSftpClient(sftp));
      });
    });
  }
  async forwardOut(optionsArg: ISshForwardOutOptions) {
    const connection = this.ensureConnected();
    return new Promise<ssh2.ClientChannel>((resolve, reject) => {
      connection.forwardOut(
        optionsArg.sourceHost ?? '127.0.0.1',
        optionsArg.sourcePort ?? 0,
        optionsArg.destinationHost,
        optionsArg.destinationPort,
        (error, channel) => {
          if (error) {
            reject(error);
            return;
          }
          resolve(channel);
        }
      );
    });
  }
  async forwardIn(optionsArg: ISshForwardInOptions): Promise<ISshForwardInHandle> {
    const connection = this.ensureConnected();
    const remoteHost = optionsArg.remoteHost ?? '127.0.0.1';
    const remotePort = await new Promise<number>((resolve, reject) => {
      connection.forwardIn(remoteHost, optionsArg.remotePort, (error, port) => {
        if (error) {
          reject(error);
          return;
        }
        resolve(port);
      });
    });
    return {
      remoteHost,
      remotePort,
      close: async () => {
        await new Promise<void>((resolve, reject) => {
          connection.unforwardIn(remoteHost, remotePort, (error) => {
            if (error) {
              reject(error);
              return;
            }
            resolve();
          });
        });
      },
    };
  }
  async close() {
    const connection = this.connection;
    if (!connection) {
      return;
    }
    await new Promise<void>((resolve) => {
      const timeoutHandle = setTimeout(resolve, 1000);
      connection.once('close', () => {
        clearTimeout(timeoutHandle);
        resolve();
      });
      connection.end();
    });
    this.connected = false;
    this.connection = undefined;
  }
  get isConnected() {
    return this.connected;
  }
  get error() {
    return this.lastError;
  }
  private createConnectConfig(): ssh2.ConnectConfig {
    const strictHostKeyChecking = this.profile.strictHostKeyChecking ?? true;
    const hasHostValidation =
      Boolean(this.profile.hostVerifier) || Boolean(this.profile.trustedHostFingerprints?.length);
    if (strictHostKeyChecking && !hasHostValidation) {
      throw new Error(
        'strictHostKeyChecking is enabled. Provide trustedHostFingerprints, hostVerifier, or set strictHostKeyChecking to false.'
      );
    }
    const privateKey =
      this.profile.privateKey instanceof SshKey
        ? this.profile.privateKey.privKey
        : this.profile.privateKey;
    const connectConfig: ssh2.ConnectConfig = {
      host: this.profile.host,
      port: this.profile.port,
      username: this.profile.username,
      password: this.profile.password,
      privateKey,
      passphrase: this.profile.passphrase,
      agent: this.profile.agent,
      agentForward: this.profile.agentForward,
      tryKeyboard: this.profile.tryKeyboard,
      readyTimeout: this.profile.readyTimeout,
      keepaliveInterval: this.profile.keepaliveInterval,
      keepaliveCountMax: this.profile.keepaliveCountMax,
      strictVendor: this.profile.strictVendor,
      algorithms: this.profile.algorithms,
      authHandler: this.profile.authHandler,
      sock: this.profile.sock,
      forceIPv4: this.profile.forceIPv4,
      forceIPv6: this.profile.forceIPv6,
      localAddress: this.profile.localAddress,
      localPort: this.profile.localPort,
      timeout: this.profile.timeout,
      ident: this.profile.ident,
      debug: this.profile.debug,
    };
    connectConfig.hostVerifier = ((key: Buffer, verify: ssh2.VerifyCallback) => {
      const verifyHost = async () => {
        if (!strictHostKeyChecking && !hasHostValidation) {
          return true;
        }
        const sha256Fingerprint = helpers.fingerprintSha256(key);
        const md5Fingerprint = helpers.fingerprintMd5(key);
        const trustedFingerprints = this.profile.trustedHostFingerprints ?? [];
        if (
          trustedFingerprints.includes(sha256Fingerprint) ||
          trustedFingerprints.includes(md5Fingerprint) ||
          trustedFingerprints.includes(`MD5:${md5Fingerprint}`)
        ) {
          return true;
        }
        if (this.profile.hostVerifier) {
          return this.profile.hostVerifier(sha256Fingerprint, key);
        }
        return false;
      };
      verifyHost().then(
        (result) => verify(Boolean(result)),
        () => verify(false)
      );
    }) as ssh2.HostVerifier;
    return connectConfig;
  }
  private ensureConnected() {
    if (!this.connection || !this.connected) {
      throw new Error('SSH client is not connected.');
    }
    return this.connection;
  }
 }
@@ -2,22 +2,40 @@ import * as plugins from './smartssh.plugins.js';
 import * as helpers from './smartssh.classes.helpers.js';
 import { SshKey } from './smartssh.classes.sshkey.js';
 export type TSshStrictHostKeyChecking = boolean | 'accept-new';
 export interface ISshConfigOptions {
  strictHostKeyChecking?: TSshStrictHostKeyChecking;
 }
 export interface ISshConfigHostBlock {
  host: string;
  values: Record<string, string>;
 }
 export class SshConfig {
  private _sshKeyArray: SshKey[];
-  constructor(sshKeyArrayArg: SshKey[]) {
+  private _options: ISshConfigOptions;
  constructor(sshKeyArrayArg: SshKey[], optionsArg: ISshConfigOptions = {}) {
    this._sshKeyArray = sshKeyArrayArg;
    this._options = {
      ...optionsArg,
      strictHostKeyChecking: optionsArg.strictHostKeyChecking ?? true,
    };
  }
  /**
   * stores a config file
   */
  store(dirPathArg: string) {
-    let done = plugins.smartpromise.defer();
+    const resolvedDir = helpers.resolveSshDirPath(dirPathArg);
-    let configArray: configObject[] = [];
+    helpers.ensureSshDirSync(resolvedDir);
-    let configString;
+    const configArray: configObject[] = [];
-    for (let key in this._sshKeyArray) {
+    for (const sshKey of this._sshKeyArray) {
-      let sshKey = this._sshKeyArray[key];
+      let configString = '';
      if (sshKey.host) {
        helpers.assertSafeHost(sshKey.host);
        const identityFilePath = plugins.path.join(resolvedDir, sshKey.host);
        configString =
          'Host ' +
          sshKey.host +
@@ -25,11 +43,20 @@ export class SshConfig {
          '  HostName ' +
          sshKey.host +
          '\n' +
-          '  IdentityFile ~/.ssh/' +
+          '  IdentityFile ' +
-          sshKey.host +
+          helpers.quoteSshConfigValue(identityFilePath) +
          '\n' +
          '  StrictHostKeyChecking no' +
          '\n';
        if (this._options.strictHostKeyChecking !== undefined) {
          const strictHostKeyChecking = this._options.strictHostKeyChecking;
          configString +=
            '  StrictHostKeyChecking ' +
            (strictHostKeyChecking === 'accept-new'
              ? 'accept-new'
              : strictHostKeyChecking
                ? 'yes'
                : 'no') +
            '\n';
        }
      }
      configArray.push({
        configString: configString,
@@ -38,18 +65,55 @@ export class SshConfig {
      });
    }
    let configFile: string = '';
-    for (let key in configArray) {
+    for (const config of configArray) {
-      configFile = configFile + configArray[key].configString + '\n';
+      configFile = configFile + config.configString + '\n';
    }
-    plugins.smartfile.memory.toFsSync(configFile, plugins.path.join(dirPathArg, 'config'));
+    plugins.fs.writeFileSync(plugins.path.join(resolvedDir, 'config'), configFile);
-    return done.promise;
+    plugins.fs.chmodSync(plugins.path.join(resolvedDir, 'config'), 0o600);
  }
  read(dirPathArg: string) {
    const configPath = plugins.path.join(helpers.resolveSshDirPath(dirPathArg), 'config');
    return plugins.fs.readFileSync(configPath, 'utf8');
  }
  read(dirPathArg) {
    let done = plugins.smartpromise.defer();
    let configArray: configObject[];
    plugins.smartfile.fs.toStringSync(plugins.path.join(dirPathArg, 'config'));
-    return done.promise;
+  parse(dirPathArg: string) {
    return SshConfig.parse(this.read(dirPathArg));
  }
  static parse(configStringArg: string): ISshConfigHostBlock[] {
    const blocks: ISshConfigHostBlock[] = [];
    let currentBlock: ISshConfigHostBlock | undefined;
    for (const rawLine of configStringArg.split(/\r?\n/)) {
      const line = rawLine.trim();
      if (!line || line.startsWith('#')) {
        continue;
      }
      const [keyword, ...valueParts] = line.split(/\s+/);
      const value = valueParts.join(' ');
      if (!keyword || !value) {
        continue;
      }
      if (keyword.toLowerCase() === 'host') {
        if (!helpers.isSafeHost(value)) {
          continue;
        }
        currentBlock = {
          host: value,
          values: {},
        };
        blocks.push(currentBlock);
        continue;
      }
      if (currentBlock) {
        currentBlock.values[keyword.toLowerCase()] = value;
      }
    }
    return blocks;
  }
 }
@@ -1,6 +1,5 @@
 import * as plugins from './smartssh.plugins.js';
 import * as helpers from './smartssh.classes.helpers.js';
 import { SshInstance } from './smartssh.classes.sshinstance.js';
 import { SshKey } from './smartssh.classes.sshkey.js';
 import { SshConfig } from './smartssh.classes.sshconfig.js';
@@ -13,32 +12,31 @@ export class SshDir {
    this._sshKeyArray = sshKeyArray;
    this._sshConfig = sshConfig;
    if (sshDirPathArg) {
-      this._path = sshDirPathArg;
+      this._path = helpers.resolveSshDirPath(sshDirPathArg);
    } else {
-      this._path = plugins.path.join(plugins.smartpath.get.home(), '.ssh/');
+      this._path = helpers.resolveSshDirPath();
    }
  }
  writeToDir(dirPathArg?: string) {
    // syncs sshInstance to directory
    let path = this._path;
-    if (dirPathArg) path = dirPathArg;
+    if (dirPathArg) path = helpers.resolveSshDirPath(dirPathArg);
    this._sshKeyArray.forEach((sshKeyArg) => {
-      sshKeyArg.store(path);
+      sshKeyArg.storeSync(path);
    });
    this._sshConfig.store(path);
  }
  /**
   * TODO: implement reading of directories
   */
  readFromDir(dirPathArg?: string) {
    // syncs sshInstance from directory
    let path = this._path;
-    if (dirPathArg) path = dirPathArg;
+    if (dirPathArg) path = helpers.resolveSshDirPath(dirPathArg);
    const sshKeys = helpers.sshKeyArrayFromDir(path);
    this._sshKeyArray.splice(0, this._sshKeyArray.length, ...sshKeys);
  }
  updateDirPath(dirPathArg: string) {
-    this._path = dirPathArg;
+    this._path = helpers.resolveSshDirPath(dirPathArg);
  }
  getKeys() {
@@ -1,8 +1,7 @@
 import * as plugins from './smartssh.plugins.js';
 import * as helpers from './smartssh.classes.helpers.js';
 import { SshDir } from './smartssh.classes.sshdir.js';
-import { SshConfig } from './smartssh.classes.sshconfig.js';
+import { SshConfig, type ISshConfigOptions } from './smartssh.classes.sshconfig.js';
 import { SshKey } from './smartssh.classes.sshkey.js';
 /**
@@ -13,12 +12,14 @@ export class SshInstance {
  private _sshConfig: SshConfig; // sshConfig (e.g. represents ~/.ssh/config)
  private _sshDir: SshDir; // points to sshDir class instance.
  private _sshSync: boolean; // if set to true, the ssh dir will be kept in sync automatically
-  constructor(optionsArg: { sshDirPath?: string; sshSync?: boolean } = {}) {
+  constructor(optionsArg: { sshDirPath?: string; sshSync?: boolean } & ISshConfigOptions = {}) {
    optionsArg ? void 0 : (optionsArg = {});
    this._sshKeyArray = [];
-    this._sshConfig = new SshConfig(this._sshKeyArray);
+    this._sshConfig = new SshConfig(this._sshKeyArray, {
      strictHostKeyChecking: optionsArg.strictHostKeyChecking,
    });
    this._sshDir = new SshDir(this._sshKeyArray, this._sshConfig, optionsArg.sshDirPath);
-    this._sshSync = optionsArg.sshSync;
+    this._sshSync = optionsArg.sshSync ?? false;
  }
  // altering methods
@@ -29,10 +30,10 @@ export class SshInstance {
  }
  removeKey(sshKeyArg: SshKey) {
    this._syncAuto('from');
-    let filteredArray = this._sshKeyArray.filter((sshKeyArg2: SshKey) => {
+    const sshKeyIndex = this._sshKeyArray.indexOf(sshKeyArg);
-      return sshKeyArg != sshKeyArg2;
+    if (sshKeyIndex >= 0) {
-    });
+      this._sshKeyArray.splice(sshKeyIndex, 1);
-    this._sshKeyArray = filteredArray;
+    }
    this._syncAuto('to');
  }
  replaceKey(sshKeyOldArg: SshKey, sshKeyNewArg: SshKey) {
@@ -43,7 +44,7 @@ export class SshInstance {
  }
  // non altering methods
-  getKey(hostArg: string): SshKey {
+  getKey(hostArg: string): SshKey | undefined {
    this._syncAuto('from');
    let filteredArray = this._sshKeyArray.filter(function (keyArg) {
      return keyArg.host === hostArg;
@@ -1,26 +1,27 @@
 import * as plugins from './smartssh.plugins.js';
 import * as helpers from './smartssh.classes.helpers.js';
 export type TSshKeyType = 'duplex' | 'private' | 'public';
 export class SshKey {
  private _privKey: string;
  private _pubKey: string;
  private _hostVar: string;
  private _authorized: boolean;
  private _smarthshellInstance = new plugins.smartshell.Smartshell({
    executor: 'bash',
  });
  /**
   * the constructor for class SshKey
   */
  constructor(
    optionsArg: { private?: string; public?: string; host?: string; authorized?: boolean } = {}
  ) {
-    this._privKey = optionsArg.private;
+    this._privKey = optionsArg.private ?? '';
-    this._pubKey = optionsArg.public;
+    this._pubKey = optionsArg.public ?? '';
-    this._hostVar = optionsArg.host;
+    if (optionsArg.host) {
-    this._authorized = optionsArg.authorized;
+      helpers.assertSafeHost(optionsArg.host);
    }
    this._hostVar = optionsArg.host ?? '';
    this._authorized = optionsArg.authorized ?? false;
  }
  // this.host
@@ -28,6 +29,9 @@ export class SshKey {
    return this._hostVar;
  }
  set host(hostArg: string) {
    if (hostArg) {
      helpers.assertSafeHost(hostArg);
    }
    this._hostVar = hostArg;
  }
@@ -73,7 +77,7 @@ export class SshKey {
  /**
   * returns wether there is a private, a public or both keys
   */
-  get type() {
+  get type(): TSshKeyType | undefined {
    if (this._privKey && this._pubKey) {
      return 'duplex';
    } else if (this._privKey) {
@@ -82,25 +86,68 @@ export class SshKey {
      return 'public';
    }
  }
  set type(someVlueArg: any) {
    console.log('the type of an SshKey connot be set. This value is  autocomputed.');
  }
  // methods
-  read(filePathArg) {}
+  read(filePathArg: string) {
    const resolvedPath = plugins.path.resolve(filePathArg);
    const fileName = plugins.path.basename(resolvedPath);
    const isPublicKey = fileName.endsWith('.pub');
    const host = isPublicKey ? fileName.slice(0, -4) : fileName;
    helpers.assertSafeHost(host);
    this._hostVar = host;
    if (isPublicKey) {
      this._pubKey = plugins.fs.readFileSync(resolvedPath, 'utf8');
    } else {
      this._privKey = plugins.fs.readFileSync(resolvedPath, 'utf8');
    }
  }
  static fromFile(filePathArg: string) {
    const sshKey = new SshKey();
    sshKey.read(filePathArg);
    return sshKey;
  }
  static fromFiles(optionsArg: { privateKeyPath?: string; publicKeyPath?: string; host?: string }) {
    const sshKey = new SshKey({ host: optionsArg.host });
    if (optionsArg.privateKeyPath) {
      sshKey.privKey = plugins.fs.readFileSync(plugins.path.resolve(optionsArg.privateKeyPath), 'utf8');
      if (!sshKey.host) {
        const fileName = plugins.path.basename(optionsArg.privateKeyPath);
        helpers.assertSafeHost(fileName);
        sshKey.host = fileName;
      }
    }
    if (optionsArg.publicKeyPath) {
      sshKey.pubKey = plugins.fs.readFileSync(plugins.path.resolve(optionsArg.publicKeyPath), 'utf8');
      if (!sshKey.host) {
        const fileName = plugins.path.basename(optionsArg.publicKeyPath).replace(/\.pub$/, '');
        helpers.assertSafeHost(fileName);
        sshKey.host = fileName;
      }
    }
    return sshKey;
  }
  async store(dirPathArg: string) {
-    plugins.fs.ensureDirSync(dirPathArg);
+    this.storeSync(dirPathArg);
-    let fileNameBase = this.host;
+  }
  storeSync(dirPathArg: string) {
    helpers.assertSafeHost(this.host);
    const resolvedDir = helpers.resolveSshDirPath(dirPathArg);
    helpers.ensureSshDirSync(resolvedDir);
    const fileNameBase = this.host;
    if (this._privKey) {
-      let filePath = plugins.path.join(dirPathArg, fileNameBase);
+      const filePath = plugins.path.join(resolvedDir, fileNameBase);
-      plugins.smartfile.memory.toFsSync(this._privKey, filePath);
+      plugins.fs.writeFileSync(filePath, this._privKey);
-      await this._smarthshellInstance.exec(`chmod 0600 ${filePath}`);
+      plugins.fs.chmodSync(filePath, 0o600);
    }
    if (this._pubKey) {
-      let filePath = plugins.path.join(dirPathArg, fileNameBase + '.pub');
+      const filePath = plugins.path.join(resolvedDir, fileNameBase + '.pub');
-      plugins.smartfile.memory.toFsSync(this._pubKey, filePath);
+      plugins.fs.writeFileSync(filePath, this._pubKey);
-      await this._smarthshellInstance.exec(`chmod 0600 ${filePath}`);
+      plugins.fs.chmodSync(filePath, 0o644);
    }
  }
 }
@@ -1,30 +1,25 @@
 // node native
-import * as fs from 'fs-extra';
+import * as crypto from 'crypto';
 import fs from 'fs-extra';
 import * as path from 'path';
-export { fs, path };
+export { crypto, fs, path };
 // @push.rocks scope
 import * as smartjson from '@push.rocks/smartjson';
 import * as smartfile from '@push.rocks/smartfile';
 import * as smartcrypto from '@push.rocks/smartcrypto';
 import * as smartpath from '@push.rocks/smartpath';
 import * as smartpromise from '@push.rocks/smartpromise';
 import * as smartshell from '@push.rocks/smartshell';
 import * as smartstring from '@push.rocks/smartstring';
 export {
  smartjson,
  smartfile,
  smartcrypto,
  smartpath,
  smartpromise,
  smartshell,
  smartstring,
 };
 // third party scope
 import * as minimatch from 'minimatch';
-import * as nodeSsh from 'node-ssh';
+import ssh2 from 'ssh2';
-export { minimatch, nodeSsh };
+export { minimatch, ssh2 };
@@ -5,8 +5,10 @@
    "target": "ES2022",
    "module": "NodeNext",
    "moduleResolution": "NodeNext",
    "noImplicitAny": true,
    "esModuleInterop": true,
-    "verbatimModuleSyntax": true
+    "verbatimModuleSyntax": true,
    "types": ["node"]
  },
  "exclude": [
    "dist_*/**/*.d.ts"
Author	SHA1	Message	Date
jkunz	d3a748d26e	v2.1.0	2026-05-02 09:43:21 +00:00
jkunz	3b20db79d0	feat(sshclient): add a promise-first SSH client with secure host verification and improve SSH key/config handling	2026-05-02 09:43:21 +00:00
jkunz	4a97d63c04	v2.0.3	2026-05-01 18:44:22 +00:00
jkunz	d8ab8a8d73	fix(ssh): modernize filesystem handling and package exports for NodeNext compatibility	2026-05-01 18:44:22 +00:00
philkunz	a9820a9e98	update description	2024-05-29 14:16:27 +02:00
philkunz	7037cee3d8	update tsconfig	2024-04-14 18:22:42 +02:00
philkunz	f7661e3133	update tsconfig	2024-04-01 21:41:15 +02:00
philkunz	cfcaa5b059	update npmextra.json: githost	2024-04-01 19:59:45 +02:00
philkunz	ac048b7025	update npmextra.json: githost	2024-03-30 21:48:46 +01:00